CVE-2018-12232
EUVD-2018-421012.06.2018, 12:29
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 ≤ 4.17.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||
| linux-aws |
| ||||||||||
| linux-azure |
| ||||||||||
| linux-azure-edge |
| ||||||||||
| linux-euclid |
| ||||||||||
| linux-flo |
| ||||||||||
| linux-gcp |
| ||||||||||
| linux-gke |
| ||||||||||
| linux-goldfish |
| ||||||||||
| linux-grouper |
| ||||||||||
| linux-hwe |
| ||||||||||
| linux-hwe-edge |
| ||||||||||
| linux-kvm |
| ||||||||||
| linux-lts-trusty |
| ||||||||||
| linux-lts-utopic |
| ||||||||||
| linux-lts-vivid |
| ||||||||||
| linux-lts-wily |
| ||||||||||
| linux-lts-xenial |
| ||||||||||
| linux-maguro |
| ||||||||||
| linux-mako |
| ||||||||||
| linux-manta |
| ||||||||||
| linux-oem |
| ||||||||||
| linux-raspi2 |
| ||||||||||
| linux-snapdragon |
|
References